Описание
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. OpenSSL does not class this issue as a security vulnerability. The trusted CA store should not contain anything that the user does not trust to issue other certificates. Notes: https://github.com/openssl/openssl/issues/5236#issuecomment-119646061
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | 1.1.1-1ubuntu2.1~18.04.9 |
| devel | not-affected | 1.1.1j-1ubuntu4 |
| esm-infra-legacy/trusty | not-affected | |
| esm-infra/bionic | not-affected | 1.1.1-1ubuntu2.1~18.04.9 |
| esm-infra/focal | not-affected | 1.1.1f-1ubuntu2.4 |
| esm-infra/xenial | not-affected | |
| fips-updates/bionic | not-affected | 1.1.1-1ubuntu2.1~18.04.9 |
| fips-updates/focal | not-affected | 1.1.1f-1ubuntu2.4 |
| fips-updates/xenial | not-affected | |
| fips/bionic | not-affected | 1.1.1-1ubuntu2.1~18.04.9 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | |
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/bionic | not-affected | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| groovy | DNE | |
| hirsute | DNE | |
| impish | DNE | |
| jammy | DNE |
Показывать по
Ссылки на источники
Связанные уязвимости
A flaw was found in the way OpenSSL will accept a certificate with explicitly set Basic Constraints to CA:FALSE as a valid CA if it is present in the trusted bundle. This flaw allows an attacker with access to a private key, of which the corresponding certificate is in the trust bundle, to use this flaw for MITM to any connection from the victim machine.
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. OpenSSL does not class this issue as a security vulnerability. The trusted CA store should not contain anything that the user does not trust to issue other certificates. Notes: https://github.com/openssl/openssl/issues/5236#issuecomment-119646061